Where am I?

HOME
Mousetrap technology blog

« Super Mario and the back-seat gamers | All Posts | Facebook 'monitored by Al Qaeda' say Canadian military »

February 27, 2008

Unsettling discovery shows thousands of web sites at risk

Security specialists at Finjan report today they have stumbled upon what may be the biggest cache of stolen website details ever amassed by cyber-crooks. FTP server details -- including the user name, password and server addresses -- from thousands of large sites were contained in the database, Finjan said, no doubt meant to be sold off to scam artists. The 8,700 stolen FTP accounts found include some of the world’s top hundred domains, Finjan added.

The discovery appears to be another piece of evidence pointing to a new trick favoured by cyber fraudsters: infecting large websites with malware. Over the past six months, there has been an alarming increase in the number of sites that are unknowingly hosting malicious code, infecting their visitors with an errant click. Sure enough, Finjan reports, "these stolen  (FTP server) credentials enable criminals to compromise servers and automatically inject crimeware to infect users visiting them".

"You could pick any server you wanted in the list, pay for it" and launch an attack with very little effort, Finjan CTO Yuval Ben-Itzhak told Computer World.

Posted by Bernhard Warner on February 27, 2008 at 04:01 PM |

Comments

"crimeware"...

"You could pick any server you wanted in the list, pay for it" and launch an attack with very little effort

lol, internets.

Posted by: Anonymous | Mar 3, 2008 5:11:19 PM

This is exactly why username/password details should be changed frequently.

Posted by: Home networking guides articles and news | Mar 3, 2008 5:18:52 PM

OH NO!Someone has violated my Vital SecurityTM computer with crimeware and crawled out of my monitor please send

Posted by: Wut? | Mar 3, 2008 11:30:36 PM

Recently I bought a new PC. Apart from the improved tech aspect, I thought that my new IP sould eliminate the nuisance that pop up ads; "you won a laptop", "You are the nth winner" and the most stupid "En solo 18 meses.. The University of Phoenix" make me wish to shoot the guys responsible. My pop up protection works 50%. How can one find out who is placing those pop ups?

Simon

Posted by: Simon | Mar 8, 2008 2:49:30 PM

Post a comment

Comments are moderated, and will not appear on this weblog until the author has approved them.

If you have a TypeKey or TypePad account, please Sign In

Your Writers


  • Holden Frith, Technology Editor, Times Online

    Jonathan Richards, Technology Reporter, Times Online

    Michael Moran, Web Correspondent, Times Online

    Bernhard Warner, Freelance Technology Journalist

    David Hutchinson, Times Online Designer

    Send us an Email

RSS Feeds

three random posts

Recent Comments

Links

Categories

Recent Posts

Archives

News on Times Online

Other Times Online Blogs